RBot.XPJava
Category: Trojan
Risk:
Severe Risk
* Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: RBot is a memory resident Trojan worm that propagates through network shares and provides various backdoor capabilities to the attacker. RBot.XPJava starts by appending itself to the Userinit registry key.
Alias: Worm.Rbot-YC
Signatures:
process: xpjava.exe: MD5 Hash: d9b3b0be7344a3ce824
process: xpjava.exe: MD5 Hash: 7261cffb4980a4f4392
process: xpjava.exe: MD5 Hash: 0b7a5c7a9d49b45daf4
process: xpjava.exe: MD5 Hash: de628cf38ab93025092
process: xpjava.exe: MD5 Hash: 2d7f226db1bcbbf93e3
process: xpjava.exe: MD5 Hash: 2a0e4dae9e1909c9bad..
Copyright @2006 THR Computer Solutions: RBot.XPJava